Advantive VeraCore contains an unrestricted file upload vulnerability allowing authenticated remote attackers to upload malicious files to web-accessible directories. This vulnerability is actively exploited in the wild by the XE Group and listed in CISA KEV.
Data Source: CIRCL
Confidence: HIGH
Exploitation Method: DIRECT_NETWORK
CVE Published: 2025-02-03
Added to CISA KEV: 2025-03-10 35 DAYS BETWEEN CVE AND KEV
CVE-2024-57968 is a security vulnerability affecting Advantive VeraCore software, specifically versions prior to 2024.4.2.1 [1].
Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders. ... An official website of the United States government Here's how you know ... CVE-2024-57968 Detail. Description. Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to…
Cybercriminal outfit XE Group has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software. ... Cybercriminal outfit XE Group has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software.Exploitation of VeraC…
Detect XE Group activity using CVE-2024-57968 and CVE-2025-25181, zero-day exploits in VeraCore, with Sigma rules from SOC Prime Platform.